/** * @depends test_HashType */ public function test_matchPWD($encyption_algo) { $algo_actual = getPWDHash('test'); $first = matchPWD($algo_actual, 'test'); $this->assertEquals(true, $first); $first = matchPWD($algo_actual, 'testing'); $this->assertEquals(false, $first); }
public function test_matchPWD() { setConfig("PWD_HASH_TYPE", "logiks"); $salt = strtr(base64_encode(mcrypt_create_iv(16, MCRYPT_DEV_URANDOM)), '+', '.'); $algo_actual = getPWDHash('test', $salt); $first = matchPWD($algo_actual, 'test', $salt); $this->assertEquals(true, $first); $first = matchPWD($algo_actual, 'testing', $salt); $this->assertEquals(false, $first); }
if (strlen($userFields) > 0) { $q1 .= " AND ({$userFields})"; } else { relink('Wrong Configuration For Authenetication System', $domain); } $result = $dbLink->executeQuery($q1); if ($result) { $data = $dbLink->fetchData($result); $dbLink->freeResult($result); if ($data == null) { relink("Sorry, you have not yet joined us or your userid has expired.", $domain); } } else { relink("Sorry, you have not yet joined us or your userid has expired.", $domain); } if (!matchPWD($data['pwd'], $pwd)) { relink("UserID/Password Wrong/Mismatch", $domain); } if ($data['blocked'] == "true") { relink("Sorry, you are currently blocked by system admin.", $domain); } //Creating Access Rules $q3 = "SELECT sites,master FROM " . _dbTable("access", true) . " where id='" . $data['access'] . "' and blocked='false'"; $q4 = "SELECT name as privilege_name FROM " . _dbTable("privileges", true) . " where id='" . $data['privilege'] . "' and blocked='false'"; $result = $dbLink->executeQuery($q3); if ($result) { $d1 = $dbLink->fetchData($result); $dbLink->freeResult($result); if ($d1 == null) { relink("No Accessibilty Defined For You Or Blocked By Admin.", $domain); }
foreach ($userFields as $key => $value) { unset($userFields[$key]); $userFields["{$value}"] = $userid; } } $sql = _db(true)->_selectQ(_dbTable("users", true), "id, guid, userid, pwd, pwd_salt, privilegeid, accessid, groupid, name, email, mobile, region, country, blocked, avatar, avatar_type")->_whereOR("expires", ["0000-00-00", ["NULL", "NU"], ["now()", "GT"]])->_where($userFields, "AND", "OR"); $result = $sql->_get(); if (!empty($result)) { $data = $result[0]; } else { relink("Sorry, you have not yet joined us or your userid has expired.", $domain); } // echo "{$data['pwd']} >>> $pwd >>> {$data['pwd_salt']}\n\n<br>"; // printArray(getPWDHash($pwd,$data['pwd_salt'])); // exit(matchPWD($data['pwd'],$pwd, $data['pwd_salt'])); if (!matchPWD($data['pwd'], $pwd, $data['pwd_salt'])) { relink("UserID/Password Wrong/Mismatch", $domain); } if ($data['blocked'] == "true") { relink("Sorry, you are currently blocked by system admin.", $domain); } $accessData = _db(true)->_selectQ(_dbTable("access", true), "sites,name as access_name")->_where(["id" => $data['accessid'], "blocked" => "false"])->_get(); $privilegeData = _db(true)->_selectQ(_dbTable("privileges", true), "id,md5(concat(id,name)) as hash,name as privilege_name")->_where(["id" => $data['privilegeid'], "blocked" => "false"])->_get(); $groupData = _db(true)->_selectQ(_dbTable("users_group", true), "id,group_name,group_manager,group_descs")->_where(["id" => $data['groupid']])->_get(); if (empty($accessData)) { relink("No Accessibilty Defined For You Or Blocked By Admin.", $domain); } else { $accessData = $accessData[0]; } if (empty($privilegeData)) { relink("No Privileges Defined For You Or Blocked By Admin.", $domain);